Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

how to stop Whm/cpanel from broadcasting user names?

Discussion in 'General Discussion' started by matt621, Feb 28, 2005.

  1. matt621

    matt621 Well-Known Member

    Joined:
    Jun 25, 2003
    Messages:
    175
    Likes Received:
    0
    Trophy Points:
    166
    Spammers send spam to username@domain.com

    I've found ways of solving that problem, here and abroad, however, one thing that has bothered me is how the spammers get the "username" in the first place. The clients username should be protected just like their password.

    But somehow whm/cpanel seems to be broadcasting this information. I have setup test accounts with jibberish usernames and sure enough it'll start getting spam if I don't take care of it.

    So how do we stop cpanel/whm from providing a list of user names on the box?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    Well, only user hosted on the server can get a list of actual usernames. What you're most likely seeing are what are known as dictionary attacks. You can protect against those using an exim ACL that blocks the spammer after a number of attempts:
    http://www.configserver.com/free/eximdeny.html
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice